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1 Low-overhead memory leak detection using adaptive statistical profiling | 
Matthias Hauswirth, Trishul M. Chilimbi 

October 2004 ACM SIGPLAN Notices , ACM SIGOPS Operating Systems Review , ACM 
SIGARCH Computer Architecture News , Proceedings of the 11th 
international conference on Architectural support for programming 
languages and operating systems ASPLOS-XI, volume 39 , 38 , 32 issue n , 5 , s 
Publisher ACM Press 

Additional Information: full citation, abstract , references , citings, index 
terms 



Full text available: 1 



Sampling has been successfully used to identify performance optimization opportunities. 
We would like to apply similar techniques to check program correctness. Unfortunately, 
sampling provides poor coverage of infrequently executed code, where bugs often lurk. 
We describe an adaptive profiling scheme that addresses this by sampling executions of 
code segments at a rate inversely proportional to their execution frequency. To validate 
our ideas, we have implemented SWAT, a novel memory leak detect ... 



Keywords: low-overhead monitoring, memory leaks, runtime analysis 



Symbolic pointer analysis for detecting memory leaks 
Berhard Scholz, Johann Blieberger, Thomas Fahringer 

November 1999 ACM SIGPLAN Notices , Proceedings of the 2000 ACM SIGPLAN 
workshop on Partial evaluation and semantics-based program 
manipulation PEPM f OO, volume 34 issue n 

Publisher ACM Press 

Full text available: mmiM MB) Additional information: full citation , atetract, references , dtings, index 
10 terms 

It is well accepted that pointers are a common source of memory anomalies such as 
loosing references to dynamic records without deallocating them (also known as memory 
leaks). This paper presents a novel pointer analysis framework that detects memory leaks 
by statically analyzing the behavior of programs. 

Our approach is based on symbolic evaluation of programs. Symbolic evaluation is an 
advanced static symbolic analysis that is centered around symbolic variable values, 
assumptions ab ... 
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Bell: bit-encoding online memory leak detection 
Michael D. Bond, Kathryn S. McKinley 

October 2006 ACM SIGPLAN Notices , ACM SIGOPS Operating Systems Review , ACM 
SIGARCH Computer Architecture News , Proceedings of the 12th 
international conference on Architectural support for programming 
languages and operating systems ASPLOS-XII, volume 4i , 40 , 34 issue 11 , 5 , 
5 

Publisher ACM Press 

Full text available: ^ pdf(445.91 KB) Additional Information: full citation , abstract , references , index terms 

Memory leaks compromise availability and security by crippling performance and crashing 
programs. Leaks are difficult to diagnose because they have no immediate symptoms. 
Online leak detection tools benefit from storing and reporting per-object sites (e.g., 
allocation sites) for potentially leaking objects. In programs with many small objects, per- 
object sites add high space overhead, limiting their use in production environments.This 
paper introduces Bit-Encoding Leak Location (Be ... 

Keywords: low-overhead monitoring, managed languages, memory leaks, probabilistic 
approaches 



Cork: dynamic memory leak detection for garbage-collected languages 
Maria Jump, Kathryn S. McKinley 

January 2007 ACM SIGPLAN Notices , Proceedings of the 34th annual ACM SIGPLAN- 
SIGACT symposium on Principles of programming languages POPL '07, 

Volume 42 Issue 1 
Publisher ACM Press 

Full text available: ^pdf(651.25 KB) Additional Information: full citation, abstract , references , index terms 

A memory leak in a garbage-collected program occurs when the program inadvertently 
maintains references to objects that it no longer needs. Memory leaks cause systematic 
heap growth, degrading performance and resulting in program crashes after perhaps days 
or weeks of execution. Prior approaches for detecting memory leaks rely on heap 
differencing or detailed object statistics which store state proportional to the number of 
objects in the heap. These overheads preclude their use on the sa ... 

Keywords: dynamic, garbage collection, memory leak detection, memory leaks, runtime 
analysis 



5 Context- and path-sensitive memory leak detection 
Yichen Xie, Alex Aiken 

September 2005 ACM SIGSOFT Software Engineering Notes , Proceedings of the 10th 
European software engineering conference held jointly with 13th 
ACM SIGSOFT international symposium on Foundations of software 
engineering ESEC/FSE-13, volume 30 issue 5 
Publisher ACM Press 

Full text available: t »pdfr251.65 KB) Additional Information: full citation , attract, references , eatings, index 
10 terms 

We present a context- and path-sensitive algorithm for detecting memory leaks in 
programs with explicit memory management. Our leak detection algorithm is based on an 
underlying escape analysis: any allocated location in a procedure P that is not deallocated 
in P and does not escape from P is leaked. We achieve very precise context- and path- 
sensitivity by expressing our analysis using boolean constraints. In experiments with six 
large open source projects our analysis produ ... 

Keywords: boolean satisfiability, error detection, memory leaks, memory management, 
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6 Memory leak detection in C++ 
Cal Erickson 

June 2003 Linux Journal, volume 2003 issue 110 
Publisher: Specialized Systems Consultants, Inc. 

Full text available: jg] html(15.05 KB) Additional Information: full citation , abstract , index terms 

It's never too soon to fix bugs, and you canstart using these tools as soon as your project 
will compile. 

7 Memory allocation: Gated memory control for memory monitoring, leak detection and 
garbage collection 

Chen Ding, Chengliang Zhang, Xipeng Shen, Mitsunori Ogihara 

June 2005 Proceedings of the 2005 workshop on Memory system performance MSP 
f 05 

Publisher: ACM Press 

Full text available: I B pdff 135.93 KB) AddltionaI Information: full citation , abstract, references , dtings, index 
^ terms 

In the past, program monitoring often operates at the code level, performing checks at 
function and loop boundaries. Recent research shows that profiling analysis can identify 
high-level phases in complex binary code. Examples are time steps in scientific 
simulations and service cycles in utility programs. Because of their larger size and more 
predictable behavior, program phases make it possible for more accurate and longer term 
predictions of program behavior, especially its memory usage. This ... 

Keywords: memory leak, memory usage monitoring, object life, preventive memory 
management, program phase 



8 R esearch papers: test & analysis 111: Static detection of leak s in polymorphic 
containers 

David L. Heine, Monica S. Lam 

May 2006 Proceeding of the 28th international conference on Software engineering 
ICSE '06 

Publisher ACM Press 

Full text available: ^pdf(219.64 KB) Additional Information: full citation , abstract , references , index terms 

This paper presents the first practical static analysis tool that can find memory leaks and 
double deletions of objects held in polymorphic containers. This is especially important 
since most dynamically allocated objects are stored in containers.The tool is based on the 
concept of object ownership: every object has one and only one owning pointer. The 
owning pointer holds the exclusive right and obligation to either delete the object or to 
transfer the obligation. This paper presents an... 

Keywords: error detection, memory leaks, memory management, program analysis, 
type systems 



Memory leak detection in embedded systems 
Cal Erickson 

September 2002 Linux Journal, volume 2002 issue 101 
Publisher Specialized Systems Consultants, Inc. 

Full text available: %$\ html(13.11 KB) Additional Information: full citation , abstract , index terms 
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Erickson discusses some of the best tools for memory leak detectionfor embedded 
programmers. 

10 On the usefulness of type and liveness accuracy for garbage collection and leak 
detection 

Martin Hirzel, Amer Diwan, Johannes Henkel 

November 2002 ACM Transactions on Programming Languages and Systems 

(TOPLAS), Volume 24 Issue 6 

Publisher. ACM Press 

Full text available- Hi pdf(684 85 KB) A^ 0031 Information: full citation , abstract , references , citings , index 
* »o : terms 

The effectiveness of garbage collectors and leak detectors in identifying dead objects 
depends on the accuracy of their reachability traversal. Accuracy has two orthogonal 
dimensions: (i) whether the reachability traversal can distinguish between pointers and 
nonpointers {type accuracy), and (ii) whether the reachability traversal can identify 
memory locations that will be dereferenced in the future (liveness accuracy). This article 
presents an experimental study of the impo ... 

Keywords: Conservative garbage collection, leak detection, liveness accuracy, program 
analysis, type accuracy 



11 A practical flow-sensitive and context-sensitive C and C++ memory leak detector 
David L. Heine, Monica S. Lam 

May 2003 ACM SIGPLAN Notices , Proceedings of the ACM SIGPLAN 2003 conference 
on Programming language design and implementation PLDI '03, volume 38 

Issue 5 

Publisher ACM Press 

Full text available: | §pdft214.44 KB) Additional Information: full citation, abstract, references, citings, index 



This paper presents a static analysis tool that can automatically find memory leaks and 
deletions of dangling pointers in large C and C++ applications. We have developed a type 
system to formalize a practical ownership model of memory management. In this model, 
every object is pointed to by one and only one owning pointer, which holds the exclusive 
right and obligation to either delete the object or to transfer the right to another owning 
pointer. In addition, a pointer-typed class member ... 

Keywords: error detection, memory leaks, memory management, program analysis, 
type systems 




12 Static detection of dynamic memory errors | 
David Evans 

May 1996 ACM SIGPLAN Notices , Proceedings of the ACM SIGPLAN 1996 conference 
on Programming language design and implementation PLDI f 96, volume 3i 

Issue 5 

Publisher ACM Press 

Full text available' fQpdffl.17 MB) Additional Information: full citation, abstract, references, dtings, index 
6f3 terms 

Many important classes of bugs result from invalid assumptions about the results of 
functions and the values of parameters and global variables. Using traditional methods, 
these bugs cannot be detected efficiently at compile-time, since detailed cross-procedural 
analyses would be required to determine the relevant assumptions. In this work, we 
introduce annotations to make certain assumptions explicit at interface points. An efficient 
static checking tool that exploits these annotations can dete ... 
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13 HeapMD: identifying heap-based bugs using anomaly detection 
Trishul M. Chilimbi, Vinod Ganapathy 

October 2006 ACM SIGARCH Computer Architecture News , ACM SIGOPS Operating 
Systems Review , ACM SIGPLAN Notices , Proceedings of the 12th 
international conference on Architectural support for programming 
languages and operating systems ASPLOS-XII, volume 34 , 40 , 4i issue 5,5, 
ii 

Publisher: ACM Press 

Full text available: ^pdf(246.89 KB) Additional Information: full citation , abstract , references , index terms 

We present the design, implementation, and evaluation of HeapMD, a dynamic analysis 
tool that finds heap-based bugs using anomaly detection. HeapMD is based upon the 
observation that, in spite of the evolving nature of the heap, several of its properties 
remain stable. HeapMD uses this observation in a novel way: periodically, during the 
execution of the program, it computes a suite of metrics which are sensitive to the state 
of the heap. These metrics track heap behavior, and the stability of t ... 

Keywords: anomaly detection, bugs, debugging, heap, metrics 



14 Efficient detection of all pointer and array access errors 
Todd M. Austin, Scott E. Breach, Gurindar S. Sohi 

June 1994 ACM SIGPLAN Notices , Proceedings of the ACM SIGPLAN 1994 conference 
on Programming language design and implementation PLDI f 94, volume 29 

Issue 6 

Publisher ACM Press 

Full text available- ■ FHpdfM.62 MB) Agonal Information: full citation , abstrac*. references , dtings, index 
123 terms 

We present a pointer and array access checking technique that provides complete error 
coverage through a simple set of program transformations. Our technique, based on an 
extended safe pointer representation, has a number of novel aspects. Foremost, it is the 
first technique that detects all spatial and temporal access errors. Its use is not limited by 
the expressiveness of the language; that is, it can be applied successfully to compiled or 
interpreted languages with subscripted and mutabl ... 



15 AccMon: Automatically Detecting Memory-Related Bugs via Program Counter-Based fj^ 
Invariants 

Pin Zhou, Wei Liu, Long Fei, Shan Lu, Feng Qin, Yuanyuan Zhou, Samuel Midkiff, Josep 
Torrellas 

December 2004 Proceedings of the 37th annual IEEE/ ACM International Symposium 
on Microarchitecture MICRO 37 

Publisher IEEE Computer Society 

Full text available: ^ |pdf(249.11 KB) Additional Information: full citation, abstract , citings 

This paper makes two contributions to architectural support for software debugging. First, 
it proposes a novel statistics-based, on-the-fiy bug detectionmethod called PC-based 
invariant detection. The idea is based on the observation that, in most programs, a given 
memory location is typically accessed by only a few instructions. Therefore, by capturing 
the invariant of the set of PCs that normally access a given variable, we can detect 
accesses by outlier instructions, which are often caused by ... 

16 OOPSLA practitioner reports chair's welcome: The dynamics of changing dynamic Q 
^ memory allocation in a large-scale C++ application 

v Neil B. Harrison, John H. Meiners 

October 2006 Companion to the 21st ACM SIGPLAN conference on Object-oriented 
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programming systems, languages, and applications OOPSLA '06 
Publisher: ACM Press 

Full text available: ^|pdf(229.94 KB) Additional Information: full citation , abstract , references , index terms 

Changing the approach to dynamic memory allocation in a large legacy application is 
challenging. In order to improve the robustness of memory allocation, we fundamentally 
changed it. We replaced standard heap allocation with class-specific heaps. We were able 
to do it with almost no changes to the existing class code by overriding the C++ new() 
and delete() operators, and using templates creatively to insert the changes into class 
hierarchies.The results have been very positive. Misuse of dynami ... 

Keywords: curiously recurring template pattern, memory management, templates 



17 ARCHER: using symbolic, path-sensitive analysis to detect memory access errors 9 
^ Yichen Xie, Andy Chou, Dawson Engler 

▼ September 2003 ACM SIGSOFT Software Engineering Notes , Proceedings of the 9th 
European software engineering conference held jointly with 11th 
ACM SIGSOFT international symposium on Foundations of software 
engineering ESEC/FSE-11, volume 28 issue 5 
Publisher: ACM Press 

Full text available: fB pdff 582.35 KB) Addltional Information: full citation , attract, references , citings, index 

terms 

Memory corruption errors lead to no n -deterministic, elusive crashes. This paper describes 
ARCHER (ARray CHeckER) a static, effective memory access checker. ARCHER uses path- 
sensitive, interprocedural symbolic analysis to bound the values of both variables and 
memory sizes. It evaluates known values using a constraint solver at every array access, 
pointer dereference, or call to a function that expects a size parameter. Accesses that 
violate constraints are flagged as errors. Those that ar ... 

Keywords: buffer overflow, buffer overrun, error detection, memory access errors, 
security, static analysis 
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Memory is the performance bottleneck of modern architectures. Keeping memory 
consumption as low as possible enables fast and unobtrusive applications. But it is not 
easy to estimate the memory use of programs implemented in functional languages, due 
to both the complex translations of some high level constructs, and the use of automatic 
memory managers.To help understand memory allocation behavior of Scheme programs, 
we have designed two complementary tools. The first one reports on frequency of ... 
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Computer security is severely threatened by software vulnerabilities. Prior work shows 
that information flow tracking (also referred to as taint analysis) is a promising technique 
to detect a wide range of security attacks. However, current information flow tracking 
systems are not very practical, because they either require program annotations, source 
code, non-trivial hardware extensions, or incur prohibitive runtime overheads. This paper 
proposes a low overhead, software-only information flow ... 
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Pointer errors are stumbling blocks for student and veteran programmers alike. Although 
languages such as Java use references to protect programmers from pointer pitfalls, the 
use of garbage collection dictates that languages like C++ will still be used for real-time 
mission-critical applications. Pointers will stay in the classroom as long as they're used in 
industry, so as educators, we must find better ways to teach them. This paper presents 
checked pointers, a simple wr ... 
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